AWSMigrationHubOrchestratorConsoleFullAccess details (in AWS console)
Policy Name
AWSMigrationHubOrchestratorConsoleFullAccess
Description
Provides limited access to AWS Migration Hub, AWS Application Discovery Service, Amazon Simple Storage Service and AWS Secrets Manager. This policy also grants full access to AWS Migration Hub Orchestrator service.
ARN
arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorConsoleFullAccess
Path
/
PolicyId
ANPAZKAPJZG4K2IRHZ6FO
AttachmentCount
0
[
{
"Effect": "Allow",
"Action": [
"migrationhub-orchestrator:*"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets"
],
"Resource": [
"arn:aws:s3:::*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:GetBucketAcl",
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:ListBucketVersions",
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::migrationhub-orchestrator-*",
"arn:aws:s3:::migrationhub-orchestrator-*/*"
]
},
{
"Effect": "Allow",
"Action": [
"secretsmanager:ListSecrets"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"discovery:DescribeConfigurations",
"discovery:ListConfigurations",
"discovery:GetDiscoverySummary"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"mgh:GetHomeRegion"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeVpcs"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"kms:ListKeys",
"kms:ListAliases"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"iam:ListInstanceProfiles",
"iam:ListRoles"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"ecs:ListClusters"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"account:ListRegions"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"iam:CreateServiceLinkedRole"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"iam:GetRole"
],
"Resource": [
"arn:aws:iam::*:role/aws-service-role/migrationhub-orchestrator.amazonaws.com/AWSServiceRoleForMigrationHubOrchestrator*"
]
}
]